The Bank of Uganda has called on financial institutions to align their internal frameworks with the Cyber and Technology Risk Management Guidelines issued in 2024, particularly the requirements around data protection governance. According to Sophia Kironde, Head of the Onsite Inspection Division, data privacy is no longer optional, and banks are expected to invest in cybersecurity infrastructure. The central bank has employed a risk-based supervision approach, meaning institutions with weak privacy controls will face closer scrutiny from the Bank of Uganda, including penalties of up to 2% of their gross earnings for non-compliance. Ronah Nahabwe reports.
BoU tightens oversight on banks over cybersecurity, data privacy
Leave a Comment
